Re: Digesting the digest...

Peter said:
] From: Peter J Churchyard  <>
] To:  <"">;  <>
] Cc:  <"">;
] <>
] Subject: Re: Digesting the digest...
] Date: Wednesday, February 28, 1996 2:10PM
] As I see it the optional message-digest and or digest-messagedigest is
] only advisory since it can be removed in transit and the receiver doesn't
] know it was there..

A client that cares about modification in transit can reject repsonses 
without it, when talking to a server that it knows supplies it. Or see below.

] We might want to put into the "digest hashed data" a flag that is set if
] you also sent a Digest-MessageDigest so that it's removal could be detected.

That's not what you need. The client needs to be able to ask the server 
to send Digest-MessageDigest. A new parameter in the Authorization 
field is what you want. If it got snipped out, then the client wouldn't 
get the D-MD it asked for.

If the client sent message= in the Authorization header, and the 
attacker removes it,
I don't have a good answer. The server could refuse to accept requests 
without message= in the Authorization if it cared enough.  A flag in 
the WWW-Authenticate header could signal the client that it needed to 
send <message-digest>.

So, how about the following parameter for both Authorization and
WWW-Authenticate headers:
	digest-required=<"message" | "header" | "response">
where "message" means the receiver must include
in the response, "header" means the receiver must include
in the response, and "response" means the receiver must include
in the response.

Received on Wednesday, 28 February 1996 18:18:22 UTC